package security_funcs

import (
	current_subject "app/app_src/framework/security/current/subject"
	security_rule "app/app_src/framework/security/rule"
	security_strategy "app/app_src/framework/security/strategy"

	"github.com/gin-gonic/gin"
)

// 要求是管理员才能访问
func RequireAdmin(handlerFunc gin.HandlerFunc) gin.HandlerFunc {
	newFunc := func(ctx *gin.Context) {
		security_strategy.CallInitCurrentSubjectFunc(ctx)
		subject := current_subject.GetSubject()

		if security_rule.RequireAuthed(ctx, subject) &&
			security_rule.RequireAdmin(ctx, subject) {
			handlerFunc(ctx)
		}
	}

	return newFunc
}
